b.santos/cloud-cap-samples
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enable authorizations w/ dummy-auth (#158)

Browse Source 
* Enable authorizations w/ dummy-auth

* fixed: some tests run in privileged mode

* Fixed tests to skip auth

* npm test --silent

* Added dependency to passport
This commit is contained in:
Daniel Hutzel
2020-11-12 23:56:04 +01:00
committed by GitHub
parent ffaec7aa07
commit d0d08b1ee1
12 changed files with 25 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
bookshop/package.json
View File

@@ -5,7 +5,8 @@
"dependencies": { "dependencies": {
"@capire/common": "*", "@capire/common": "*",
"@sap/cds": "^4", "@sap/cds": "^4",
"express": "^4.17.1" "express": "^4.17.1",
"passport": "0.4.1"
}, },
"scripts": { "scripts": {
"genres": "cds serve test/genres.cds", "genres": "cds serve test/genres.cds",

2
bookshop/srv/admin-service.cds
View File

@@ -1,5 +1,5 @@
using { sap.capire.bookshop as my } from '../db/schema'; using { sap.capire.bookshop as my } from '../db/schema';
service AdminService @(requires_:'admin') { service AdminService @(requires:'admin') {
entity Books as projection on my.Books; entity Books as projection on my.Books;
entity Authors as projection on my.Authors; entity Authors as projection on my.Authors;
} }

2
bookshop/srv/cat-service.cds
View File

@@ -5,6 +5,6 @@ service CatalogService @(path:'/browse') {
author.name as author author.name as author
} excluding { createdBy, modifiedBy }; } excluding { createdBy, modifiedBy };
@requires_: 'authenticated-user' @requires: 'authenticated-user'
action submitOrder (book : Books:ID, amount: Integer); action submitOrder (book : Books:ID, amount: Integer);
} }

3
bookshop/test/requests.http
View File

@@ -36,6 +36,7 @@ Authorization: Basic alice:
# Create book # Create book
POST {{server}}/admin/Books POST {{server}}/admin/Books
Content-Type: application/json;IEEE754Compatible=true Content-Type: application/json;IEEE754Compatible=true
Authorization: Basic alice:
{ {
"ID": 2, "ID": 2,
@@ -53,6 +54,7 @@ Content-Type: application/json;IEEE754Compatible=true
# Put image to books # Put image to books
PUT {{server}}/admin/Books(2)/image PUT {{server}}/admin/Books(2)/image
Content-Type: image/png Content-Type: image/png
Authorization: Basic alice:
data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAANwAAADcCAYAAAAbWs+BAAAGwElEQVR4Ae3cwZFbNxBFUY5rkrDTmKAUk5QT03Aa44U22KC7NHptw+DRikVAXf8fzC3u8Hj4R4AAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAgZzAW26USQT+e4HPx+Mz+RRvj0e0kT+SD2cWAQK1gOBqH6sEogKCi3IaRqAWEFztY5VAVEBwUU7DCNQCgqt9rBKICgguymkYgVpAcLWPVQJRAcFFOQ0jUAsIrvaxSiAqILgop2EEagHB1T5WCUQFBBflNIxALSC42scqgaiA4KKchhGoBQRX+1glEBUQXJTTMAK1gOBqH6sEogKCi3IaRqAWeK+Xb1z9iN558fHxcSPS9p2ezx/ROz4e4TtIHt+3j/61hW9f+2+7/+UXbifjewIDAoIbQDWSwE5AcDsZ3xMYEBDcAKqRBHYCgtvJ+J7AgIDgBlCNJLATENxOxvcEBgQEN4BqJIGdgOB2Mr4nMCAguAFUIwnsBAS3k/E9gQEBwQ2gGklgJyC4nYzvCQwICG4A1UgCOwHB7WR8T2BAQHADqEYS2AkIbifjewIDAoIbQDWSwE5AcDsZ3xMYEEjfTzHwiK91B8npd6Q8n8/oGQ/ckRJ9vvQwv3BpUfMIFAKCK3AsEUgLCC4tah6BQkBwBY4lAmkBwaVFzSNQCAiuwLFEIC0guLSoeQQKAcEVOJYIpAUElxY1j0AhILgCxxKBtIDg0qLmESgEBFfgWCKQFhBcWtQ8AoWA4AocSwTSAoJLi5pHoBAQXIFjiUBaQHBpUfMIFAKCK3AsEUgLCC4tah6BQmDgTpPsHSTFs39p6fQ7Q770UsV/Ov19X+2OFL9wxR+rJQJpAcGlRc0jUAgIrsCxRCAtILi0qHkECgHBFTiWCKQFBJcWNY9AISC4AscSgbSA4NKi5hEoBARX4FgikBYQXFrUPAKFgOAKHEsE0gKCS4uaR6AQEFyBY4lAWkBwaVHzCBQCgitwLBFICwguLWoegUJAcAWOJQJpAcGlRc0jUAgIrsCxRCAt8J4eePq89B0ar3ZnyOnve/rfn1+400/I810lILirjtPLnC4guNNPyPNdJSC4q47Ty5wuILjTT8jzXSUguKuO08ucLiC400/I810lILirjtPLnC4guNNPyPNdJSC4q47Ty5wuILjTT8jzXSUguKuO08ucLiC400/I810lILirjtPLnC4guNNPyPNdJSC4q47Ty5wuILjTT8jzXSUguKuO08ucLiC400/I810l8JZ/m78+szP/zI47fJo7Q37vgJ7PHwN/07/3TOv/9gu3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhg4P6H9J0maYHXuiMlrXf+vOfA33Turf3C5SxNItAKCK4lsoFATkBwOUuTCLQCgmuJbCCQExBcztIkAq2A4FoiGwjkBASXszSJQCsguJbIBgI5AcHlLE0i0AoIriWygUBOQHA5S5MItAKCa4lsIJATEFzO0iQCrYDgWiIbCOQEBJezNIlAKyC4lsgGAjkBweUsTSLQCgiuJbKBQE5AcDlLkwi0Akff//Dz6U+/I6U1/sUNr3bnytl3kPzi4bXb/cK1RDYQyAkILmdpEoFWQHAtkQ0EcgKCy1maRKAVEFxLZAOBnIDgcpYmEWgFBNcS2UAgJyC4nKVJBFoBwbVENhDICQguZ2kSgVZAcC2RDQRyAoLLWZpEoBUQXEtkA4GcgOByliYRaAUE1xLZQCAnILicpUkEWgHBtUQ2EMgJCC5naRKBVkBwLZENBHIC/4M7TXIv+3PS22d24qvdQfL3C/7N5P5i/MLlLE0i0AoIriWygUBOQHA5S5MItAKCa4lsIJATEFzO0iQCrYDgWiIbCOQEBJezNIlAKyC4lsgGAjkBweUsTSLQCgiuJbKBQE5AcDlLkwi0AoJriWwgkBMQXM7SJAKtgOBaIhsI5AQEl7M0iUArILiWyAYCOQHB5SxNItAKCK4lsoFATkBwOUuTCBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIDAvyrwDySEJ2VQgUSoAAAAAElFTkSuQmCC data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAANwAAADcCAYAAAAbWs+BAAAGwElEQVR4Ae3cwZFbNxBFUY5rkrDTmKAUk5QT03Aa44U22KC7NHptw+DRikVAXf8fzC3u8Hj4R4AAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAgZzAW26USQT+e4HPx+Mz+RRvj0e0kT+SD2cWAQK1gOBqH6sEogKCi3IaRqAWEFztY5VAVEBwUU7DCNQCgqt9rBKICgguymkYgVpAcLWPVQJRAcFFOQ0jUAsIrvaxSiAqILgop2EEagHB1T5WCUQFBBflNIxALSC42scqgaiA4KKchhGoBQRX+1glEBUQXJTTMAK1gOBqH6sEogKCi3IaRqAWeK+Xb1z9iN558fHxcSPS9p2ezx/ROz4e4TtIHt+3j/61hW9f+2+7/+UXbifjewIDAoIbQDWSwE5AcDsZ3xMYEBDcAKqRBHYCgtvJ+J7AgIDgBlCNJLATENxOxvcEBgQEN4BqJIGdgOB2Mr4nMCAguAFUIwnsBAS3k/E9gQEBwQ2gGklgJyC4nYzvCQwICG4A1UgCOwHB7WR8T2BAQHADqEYS2AkIbifjewIDAoIbQDWSwE5AcDsZ3xMYEEjfTzHwiK91B8npd6Q8n8/oGQ/ckRJ9vvQwv3BpUfMIFAKCK3AsEUgLCC4tah6BQkBwBY4lAmkBwaVFzSNQCAiuwLFEIC0guLSoeQQKAcEVOJYIpAUElxY1j0AhILgCxxKBtIDg0qLmESgEBFfgWCKQFhBcWtQ8AoWA4AocSwTSAoJLi5pHoBAQXIFjiUBaQHBpUfMIFAKCK3AsEUgLCC4tah6BQmDgTpPsHSTFs39p6fQ7Q770UsV/Ov19X+2OFL9wxR+rJQJpAcGlRc0jUAgIrsCxRCAtILi0qHkECgHBFTiWCKQFBJcWNY9AISC4AscSgbSA4NKi5hEoBARX4FgikBYQXFrUPAKFgOAKHEsE0gKCS4uaR6AQEFyBY4lAWkBwaVHzCBQCgitwLBFICwguLWoegUJAcAWOJQJpAcGlRc0jUAgIrsCxRCAt8J4eePq89B0ar3ZnyOnve/rfn1+400/I810lILirjtPLnC4guNNPyPNdJSC4q47Ty5wuILjTT8jzXSUguKuO08ucLiC400/I810lILirjtPLnC4guNNPyPNdJSC4q47Ty5wuILjTT8jzXSUguKuO08ucLiC400/I810lILirjtPLnC4guNNPyPNdJSC4q47Ty5wuILjTT8jzXSUguKuO08ucLiC400/I810l8JZ/m78+szP/zI47fJo7Q37vgJ7PHwN/07/3TOv/9gu3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhg4P6H9J0maYHXuiMlrXf+vOfA33Turf3C5SxNItAKCK4lsoFATkBwOUuTCLQCgmuJbCCQExBcztIkAq2A4FoiGwjkBASXszSJQCsguJbIBgI5AcHlLE0i0AoIriWygUBOQHA5S5MItAKCa4lsIJATEFzO0iQCrYDgWiIbCOQEBJezNIlAKyC4lsgGAjkBweUsTSLQCgiuJbKBQE5AcDlLkwi0Akff//Dz6U+/I6U1/sUNr3bnytl3kPzi4bXb/cK1RDYQyAkILmdpEoFWQHAtkQ0EcgKCy1maRKAVEFxLZAOBnIDgcpYmEWgFBNcS2UAgJyC4nKVJBFoBwbVENhDICQguZ2kSgVZAcC2RDQRyAoLLWZpEoBUQXEtkA4GcgOByliYRaAUE1xLZQCAnILicpUkEWgHBtUQ2EMgJCC5naRKBVkBwLZENBHIC/4M7TXIv+3PS22d24qvdQfL3C/7N5P5i/MLlLE0i0AoIriWygUBOQHA5S5MItAKCa4lsIJATEFzO0iQCrYDgWiIbCOQEBJezNIlAKyC4lsgGAjkBweUsTSLQCgiuJbKBQE5AcDlLkwi0AoJriWwgkBMQXM7SJAKtgOBaIhsI5AQEl7M0iUArILiWyAYCOQHB5SxNItAKCK4lsoFATkBwOUuTCBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIDAvyrwDySEJ2VQgUSoAAAAAElFTkSuQmCC
@@ -78,4 +80,3 @@ GET {{server}}/browse/Genres?
# &$filter=parent_ID eq null&$select=name # &$filter=parent_ID eq null&$select=name
# &$expand=children($select=name) # &$expand=children($select=name)
{{me}} {{me}}

3
fiori/package.json
View File

@@ -6,7 +6,8 @@
"@capire/orders": "*", "@capire/orders": "*",
"@capire/common": "*", "@capire/common": "*",
"@sap/cds": "^4", "@sap/cds": "^4",
"express": "^4.17.1" "express": "^4.17.1",
"passport": "0.4.1"
}, },
"scripts": { "scripts": {
"start": "cds run --in-memory?", "start": "cds run --in-memory?",

4
package.json
View File

@@ -25,8 +25,8 @@
"fiori": "cds watch fiori", "fiori": "cds watch fiori",
"media": "cds watch media", "media": "cds watch media",
"mocha": "npx mocha || echo", "mocha": "npx mocha || echo",
"jest": "npx jest --verbose", "jest": "npx jest",
"test": "npm run jest -s" "test": "npm run jest --silent"
}, },
"mocha": { "mocha": {
"parallel": true "parallel": true

13
reviewed/test/requests.http
View File

@@ -1,10 +1,16 @@
@me = {{$processEnv USER}}:
@bookshop = http://localhost:4004
@reviews-service = {{bookshop}}/reviews
# @reviews-service = http://localhost:5005/reviews
################################################# #################################################
# #
# To ReviewsService # To ReviewsService
# #
# move the right down: # move the right down:
@reviews-service = http://localhost:4004/reviews
@reviews-service = http://localhost:5005/reviews
### Get all reviews ### Get all reviews
GET {{reviews-service}}/Reviews GET {{reviews-service}}/Reviews
@@ -12,6 +18,7 @@ GET {{reviews-service}}/Reviews
### Add a new review (with random rating) ### Add a new review (with random rating)
POST {{reviews-service}}/Reviews POST {{reviews-service}}/Reviews
Content-Type: application/json;IEEE754Compatible=true Content-Type: application/json;IEEE754Compatible=true
Authorization: Basic {{me}}
{"subject":"201", "title":"boo"} {"subject":"201", "title":"boo"}
@@ -23,8 +30,6 @@ Content-Type: application/json;IEEE754Compatible=true
# (both in-process as well as separate one) # (both in-process as well as separate one)
# #
@bookshop = http://localhost:4004
### Request to CatalogService > delegated to ReviewsService ### Request to CatalogService > delegated to ReviewsService
GET {{bookshop}}/browse/Books(201)/reviews? GET {{bookshop}}/browse/Books(201)/reviews?
&$select=rating,date,reviewer,title &$select=rating,date,reviewer,title

4
reviews/srv/reviews-service.cds
View File

@@ -24,14 +24,14 @@ service ReviewsService {
// Access control restrictions // Access control restrictions
annotate ReviewsService.Reviews with @restrict_:[ annotate ReviewsService.Reviews with @restrict:[
{ grant:'READ', to:'any' }, // everybody can read reviews { grant:'READ', to:'any' }, // everybody can read reviews
{ grant:'CREATE', to:'authenticated-user' }, // users must login to add reviews { grant:'CREATE', to:'authenticated-user' }, // users must login to add reviews
{ grant:'UPDATE', to:'authenticated-user', where:'reviewer=$user' }, { grant:'UPDATE', to:'authenticated-user', where:'reviewer=$user' },
{ grant:'DELETE', to:'admin' }, { grant:'DELETE', to:'admin' },
]; ];
annotate ReviewsService with @restrict_:[ annotate ReviewsService with @restrict:[
{ grant:'like', to:'identified-user' }, { grant:'like', to:'identified-user' },
{ grant:'unlike', to:'identified-user', where:'user=$user' }, { grant:'unlike', to:'identified-user', where:'user=$user' },
]; ];

2
test/custom-handlers.test.js
View File

@@ -1,4 +1,4 @@
const cds = require('@sap/cds/lib') const cds = require('@sap/cds/lib'); cds.User = cds.User.Privileged // skip auth
const { GET, POST, expect } = cds.test('bookshop').in(__dirname,'..') const { GET, POST, expect } = cds.test('bookshop').in(__dirname,'..')
describe('Custom Handlers', () => { describe('Custom Handlers', () => {

2
test/localized-data.test.js
View File

@@ -1,4 +1,4 @@
const cds = require('@sap/cds/lib') const cds = require('@sap/cds/lib'); cds.User = cds.User.Privileged // skip auth
const { GET, expect } = cds.test ('serve', __dirname+'/localized-data.cds', '--in-memory') const { GET, expect } = cds.test ('serve', __dirname+'/localized-data.cds', '--in-memory')
describe('Localized Data', () => { describe('Localized Data', () => {

2
test/messaging.test.js
View File

@@ -2,7 +2,7 @@ const cds = require('@sap/cds/lib')
const cwd = process.cwd(); process.chdir (__dirname) //> only for internal CI/CD@SAP const cwd = process.cwd(); process.chdir (__dirname) //> only for internal CI/CD@SAP
const {expect} = cds.test const {expect} = cds.test
const _model = '@capire/reviews' const _model = '@capire/reviews'
cds.User = cds.User.Privileged // hard core monkey patch
describe('Messaging', ()=>{ describe('Messaging', ()=>{

2
test/odata.test.js
View File

@@ -1,4 +1,4 @@
const cds = require('@sap/cds/lib') const cds = require('@sap/cds/lib'); cds.User = cds.User.Privileged // skip auth
const { GET, expect } = cds.test('bookshop').in(__dirname,'..') const { GET, expect } = cds.test('bookshop').in(__dirname,'..')
describe('OData Protocol', () => { describe('OData Protocol', () => {